rental.software Open in urlscan Pro
208.64.38.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://evto.io/5eGDpG
Effective URL:
https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Submission: On September 07 via manual (September 7th 2023, 5:27:02 pm UTC) from IN — Scanned from DE

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 80 HTTP transactions. The main IP is 208.64.38.12, located in United States and belongs to MWAY, US. The main domain is rental.software. The Cisco Umbrella rank of the primary domain is 323102.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 9th 2022. Valid for: a year.

This is the only time rental.software was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.255.119.27 162.255.119.27	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 25	208.64.38.12 208.64.38.12	53292 (MWAY) (MWAY)
4	2600:9000:230... 2600:9000:2304:5800:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	172.66.0.47 172.66.0.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.140.47 162.159.140.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.49 151.101.193.49	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b900:89cf:96fc:735a:f929	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
80	17

1 162.255.119.27 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

evto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 208.64.38.12 (United States) 1 redirects

ASN53292 (MWAY, US)
PTR: wave.rental.software

rental.software	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2304:5800:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.221.25 (United States) 2 redirects

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.66.0.47 (United States)

ASN13335 (CLOUDFLARENET, US)

pci-connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.49 (United States)

ASN54113 (FASTLY, US)

square-fonts-production-f.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:89cf:96fc:735a:f929 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

csp-report.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	rental.software 1 redirects rental.software — Cisco Umbrella Rank: 323102	522 KB
23	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 3016 play.google.com — Cisco Umbrella Rank: 46	424 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	200 KB
10	squareup.com pci-connect.squareup.com — Cisco Umbrella Rank: 52967 js.squareup.com — Cisco Umbrella Rank: 52214 connect.squareup.com — Cisco Umbrella Rank: 42490	41 KB
5	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 31312 square-fonts-production-f.squarecdn.com — Cisco Umbrella Rank: 42169	228 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2583	3 KB
2	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2839	1 KB
1	browser-intake-datadoghq.com csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 24226
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5643	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	68 KB
1	evto.io 1 redirects evto.io	256 B
80	13

	Domain	Requested by
25	rental.software	1 redirects rental.software
16	play.google.com	www.gstatic.com
10	www.gstatic.com	pay.google.com www.gstatic.com
7	pci-connect.squareup.com	web.squarecdn.com
6	pay.google.com	web.squarecdn.com pay.google.com rental.software www.gstatic.com
4	web.squarecdn.com	rental.software web.squarecdn.com
2	connect.squareup.com	js.squareup.com connect.squareup.com
2	www.paypalobjects.com	rental.software
2	www.paypal.com	2 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	csp-report.browser-intake-datadoghq.com	rental.software
1	fonts.googleapis.com	client
1	square-fonts-production-f.squarecdn.com	web.squarecdn.com
1	js.squareup.com	web.squarecdn.com
1	www.google.de	rental.software
1	www.google.com	rental.software
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	rental.software
1	evto.io	1 redirects
80	19

This site contains links to these domains. Also see Links.

Domain
www.inflatableoffice.com

Subject Issuer	Validity	Valid
*.rental.software Sectigo RSA Domain Validation Secure Server CA	`2022-09-09` - `2023-10-10`	a year	crt.sh
web.squarecdn.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2023-03-24` - `2024-03-23`	a year	crt.sh
js.squareup.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-01`	a year	crt.sh
*.squarecdn.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
connect.squareup.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Frame ID: 85BBE43B5629107816CDEA33EA12EE75
Requests: 43 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.3/main-iframe.html?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software
Frame ID: 708822DF26A97C7731D54DF6C814697C
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.3/single-card-element-iframe.html
Frame ID: 1C23C8CF5FC92B038D8C57EDA75F74D8
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frental.software&mid=
Frame ID: 807865F2B19BD6FC3FFD315A2ABD6B40
Requests: 15 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915
Frame ID: E519F39C505A7CCFBE5A9AB99B143D90
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false
Frame ID: FB5BBB2DF0017C0DD9503C089CA5C54A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Contract Page

Page URL History Show full URLs

http://evto.io/5eGDpG HTTP 302
https://rental.software/shortlink/5eGDpG HTTP 302
https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Square (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.squareup\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

98 %
HTTPS

65 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

1490 kB
Transfer

3821 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.inflatableoffice.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://evto.io/5eGDpG HTTP 302
https://rental.software/shortlink/5eGDpG HTTP 302
https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif

Request Chain 14

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request contractme.php Show response
rental.software/quotes/
Redirect Chain

http://evto.io/5eGDpG
https://rental.software/shortlink/5eGDpG
https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

71 KB
17 KB

967ms
966ms

Document
text/html

208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 35968f5416ce5e852ae511654197ebfec875629639f53aa38020f81b39808f0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 17090
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
pragma: no-cache
server: Apache/2.4.41 (Ubuntu)

GET
H2 200 bootstrap-combined.no-icons-custom.min.css
rental.software/styles/ 120 KB
20 KB 224ms
223ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/bootstrap-combined.no-icons-custom.min.css?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0ac4e47eefad0ab623c198adbe1cd40ac0b55e2dcd6a4ae4ba08d89eb28590db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 18:06:38 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "1de60-5e90b92ae1ab6-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20325

GET
H2 200 all.min.css
rental.software/styles/fontawesome-free-5.7.2-web/css/ 53 KB
12 KB 119ms
118ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/fontawesome-free-5.7.2-web/css/all.min.css
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "d4b8-5e546a83572be-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11854

GET
H2 200 bootstrap-responsive.css
rental.software/styles/ 16 KB
3 KB 118ms
116ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/bootstrap-responsive.css
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 6e4cf37ad9c21c11ff9bee05b5a5f645e5afc10d9993fb5260af90bdb9022a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "3f7e-5e546a835055f-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2700

GET
H2 200 bootstrap-timepicker.css
rental.software/styles/ 2 KB
629 B 119ms
117ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/bootstrap-timepicker.css
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d776c9e607d62aff366482ae83f0958e41f06c6bb64dd2474046baede706276f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "9fa-5e546a835055f-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 576

GET
H2 200 bootstrap-datepicker.css
rental.software/styles/ 3 KB
829 B 115ms
114ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/bootstrap-datepicker.css
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f589cb275b6104170462d9de7433a09d1484fbe1c8ad1894695938213d6e7db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "d0a-5e546a835055f-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 718

GET
H2 200 bootstrap-custom.css
rental.software/styles/ 8 KB
2 KB 118ms
117ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/bootstrap-custom.css?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1c69e0db4d8dfe4e460be9a6f28d110e37fa40a0375c4cc651aa6830776480ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "2140-5e546a835055f-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2422

GET
H2 200 contractme.css
rental.software/styles/ 3 KB
975 B 117ms
116ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/contractme.css?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: f3507f9d680a47771c22410c579434f6d977db6e2665d592a0e98e6c2bf23efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 18:06:38 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "a91-5e90b92ae1ab6-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 900

GET
H2 200 square.css
rental.software/styles/ 383 B
245 B 117ms
115ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/square.css?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 21171d80298487cf69d98cc8b9e10c8220ed2a5807325530f1485f9e8688b361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "17f-5e546a837477d-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 192

GET
H2 200 jquery-1.12.4.min.js Show response
rental.software/javascript/jquery/ 95 KB
34 KB 228ms
227ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/jquery/jquery-1.12.4.min.js
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "17b8b-5e546a8315be2-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 34807

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ 345 KB
100 KB 122ms
27ms Script
application/javascript 2600:9000:2304:5800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af1dc0c71ef47cd00a0b26833d2b886a966acac928f2e5cb81ef24cac3118a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:30:48 GMT
x-amz-version-id: ojCdKNMasAVFJrvqutVIudpenclihsC_
content-encoding: gzip
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 78969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.51.3
last-modified: Tue, 29 Aug 2023 21:28:34 GMT
server: AmazonS3
etag: W/"0dab214eeffce99e89e253a2bbc90617"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-md5checksum: DashTu/86Z6J4lOiu8kGFw==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: c6vwhXL3nGYqqfV5TgZvaPkNDDV9R435X89lx85paEq6tpskqTXipg==

GET
H2 200 square.js Show response
rental.software/quotes/ 12 KB
3 KB 116ms
115ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/quotes/square.js?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a7b347c362971a06d06fbd519c5d89f783868c8e3b7c03f0436689a3bd610a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 18 Jul 2023 13:06:23 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "2e3d-600c294fbfbcc-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2946

GET
H2 200 imagesloaded.pkgd.js Show response
rental.software/javascript/ 12 KB
4 KB 330ms
330ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/imagesloaded.pkgd.js
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 66d8c187ede5a9b7c9e547da843dba13d467b38c3853236a3293d567e2d34ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "31f2-5e546a830fe22-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3601

GET
H2 200 blockui.js Show response
rental.software/javascript/ 20 KB
7 KB 331ms
330ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/blockui.js?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: b5d70228c032ce95b4e4b0df11baa8bec878b55256615b7ec90013d6fdd8a692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:56 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "502f-5e546a82c8985-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6802

GET
H2

200

btn_paynowCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif

3 KB
3 KB

23ms
16ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif

Requested by

Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48D7) /

Resource Hash

4b58709f64f5839d83575cead577432b55d98e4e154de6c3019db6cf14cc39ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 9c139cd920d59
dc: ccg11-origin-www-1.paypal.com
content-length: 2742
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (ama/48D7)
traceparent: 00-00000000000000000009c139cd920d59-b3fb576c88b21f9f-01
etag: "5d5637bd-ab6"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 07 Sep 2023 18:26:57 GMT

Redirect headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Full
server: ECAcc (lhd/359D)
traceparent: 00-000000000000000000009641846007b9-eee9144b275b0d22-01
vary: Accept-Encoding
location: https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif
paypal-debug-id: 09641846007b9
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: *
content-length: 20

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
282 B

21ms
15ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4894) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (ama/4894)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Thu, 07 Sep 2023 18:26:57 GMT

Redirect headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Full
server: ECAcc (lhd/35E1)
traceparent: 00-0000000000000000000042291554411a-b2b8099086acf071-01
vary: Accept-Encoding
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
paypal-debug-id: 042291554411a
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: *
content-length: 20

GET
H2 200 FS_50_SFB_logo_279293.jpg
rental.software/users/funservices/images/ 190 KB
192 KB 115ms
113ms Image
image/jpeg 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.software/users/funservices/images/FS_50_SFB_logo_279293.jpg
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 154247daed9c9da71ed6049b56978496f2b167c33b684d3c35b145b517c70584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
last-modified: Wed, 21 Feb 2018 16:21:38 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "2f8ef-565bb5252c880"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 194799

GET
H2 200 Shooting-Stars-300x300_652594762.jpeg
rental.software/users/funservices/images/ 92 KB
93 KB 114ms
112ms Image
image/jpeg 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.software/users/funservices/images/Shooting-Stars-300x300_652594762.jpeg
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 80d80479da92aa330b31955876bfd7bd2648b41bfcd8575167d76748c8c5ac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
last-modified: Mon, 19 Feb 2018 19:17:33 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "171e2-565958bc48d40"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 94690

GET
H2 200 Slam%20dunk_1651858094.jpg
rental.software/users/funservices/images/ 21 KB
21 KB 114ms
112ms Image
image/jpeg 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.software/users/funservices/images/Slam%20dunk_1651858094.jpg
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c33eb82bc015d7d28df6ed6e7791878c4840fecc1d966a81582decfac19cee36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
last-modified: Fri, 06 May 2022 17:28:14 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "52e2-5de5b2eeed214"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21218

GET
H2 200 print_contract.css
rental.software/styles/ 515 B
278 B 115ms
113ms Stylesheet
text/css 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/print_contract.css?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 91678033771a7e2b3b58accc30c65f5681af87a1dfa83e5545e96fb9f91dbc90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "203-5e546a837477d-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 226

GET
H2 200 logo_block.png
rental.software/images/brand_standards/ 11 KB
11 KB 114ms
113ms Image
image/png 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rental.software/images/brand_standards/logo_block.png
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fe034a3dbb492f6b4e808e026920a06cf67798464a0bab239e4a211b6e8df650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
last-modified: Tue, 02 Aug 2022 18:55:14 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "2c5a-5e546a81c6c92"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11354

GET
H2 200 bootstrap.min.js Show response
rental.software/javascript/bootstrap/bootstrap-3.3.5-dist/js/ 36 KB
10 KB 114ms
113ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/bootstrap/bootstrap-3.3.5-dist/js/bootstrap.min.js?v=1
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8ba9eb94c1cdc60e9d338263c27894a364cb933d5fc001eae9087f89a9b0cff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "8ece-5e546a82cd7a5-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9879

GET
H2 200 contractme.js Show response
rental.software/javascript/ 33 KB
9 KB 113ms
113ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/contractme.js?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 36c92860cf6206c4610d356c8394c8602a5e8e69541aaef3444c3666011625ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
last-modified: Tue, 18 Jul 2023 13:06:23 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "8593-600c294fbec2c-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9276

GET
H2 200 cookie.js Show response
rental.software/javascript/ 1 KB
504 B 114ms
112ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/cookie.js?v=2023-07-18_898
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 667f0f3554ac0b115a204725aab45bfd377f5eff8e198ce5e89193d0d8640884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "444-5e546a82d0685-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 451

GET
H2 200 jSignature.min.js Show response
rental.software/javascript/jSignature/ 21 KB
8 KB 116ms
113ms Script
application/javascript 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/javascript/jSignature/jSignature.min.js
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 26c59ca94a7be2ace8a7d1ea262edfa808654e415c438f53e35b7e1ff7101552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
last-modified: Tue, 02 Aug 2022 18:55:15 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "553c-5e546a830fe22-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7957

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 57ms
31ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043755324

Requested by

Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b18a371b339820a2dc124af537fca1a12f5b78ea8b4eac1a87b4934b2e345f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69618
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:15:43 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Sep 2023 17:26:57 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32cbd7dd648916824758036a1449d2efc26e87166285fa4e361e9375ceaa5631

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fa-solid-900.woff2
rental.software/styles/fontawesome-free-5.7.2-web/webfonts/ 73 KB
73 KB 219ms
218ms Font
font/woff2 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/styles/fontawesome-free-5.7.2-web/webfonts/fa-solid-900.woff2
Requested by: Host: rental.software
URL: https://rental.software/styles/fontawesome-free-5.7.2-web/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: https://rental.software/styles/fontawesome-free-5.7.2-web/css/all.min.css
Origin: https://rental.software
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:57 GMT
last-modified: Tue, 02 Aug 2022 18:55:16 GMT
server: Apache/2.4.41 (Ubuntu)
etag: "1226c-5e546a837477d"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
content-length: 74348

POST
H2 200 calc_surcharge.php Show response
rental.software/include/ 39 B
71 B 167ms
167ms XHR
text/html 208.64.38.12
MWAY

General

Check archive.org

Show headers Download Go to

Full URL: https://rental.software/include/calc_surcharge.php
Requested by: Host: rental.software
URL: https://rental.software/javascript/jquery/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.64.38.12 , United States, ASN53292 (MWAY, US),
Reverse DNS: wave.rental.software
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d86bb67c4cde335866322eb72f0b86c0f1063f6ea643bdde3de6e848af8201b6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
server: Apache/2.4.41 (Ubuntu)
content-length: 41
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043755324/ 3 KB
2 KB 70ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043755324/?random=1694107617288&cv=11&fst=1694107617288&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915&hn=www.googleadservices.com&frm=0&tiba=Contract%20Page&auid=1334684268.1694107617&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1043755324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced9a9520d5668221ed51af983965dac09a5a3dddef4c96874f632ba283a4f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 17:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043755324/ 42 B
455 B 41ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043755324/?random=1694107617288&cv=11&fst=1694106000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915&frm=0&tiba=Contract%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854234275&rmt_tld=0&ipr=y

Requested by

Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 17:26:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043755324/ 42 B
455 B 47ms
27ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043755324/?random=1694107617288&cv=11&fst=1694106000000&bg=ffffff&guid=ON&async=1&gtm=45be38u0&u_w=1600&u_h=1200&url=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915&frm=0&tiba=Contract%20Page&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854234275&rmt_tld=1&ipr=y

Requested by

Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 17:26:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main-iframe.html Show response
web.squarecdn.com/1.51.3/ Frame 7088 328 KB
92 KB 19ms
19ms Document
text/html 2600:9000:2304:5800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.3/main-iframe.html?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4f0074d223c15e8aa9c82eced9c31c74e3181a3ac97fddfbaa580781e1162fb

Request headers

Referer: https://rental.software/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 70373
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 07 Sep 2023 14:21:12 GMT
etag: W/"1b8ff2107ced69502ab64cdd4607c048"
last-modified: Tue, 29 Aug 2023 21:28:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-amz-cf-id: TLk2hZF0sFkITXeVsOlaRFTGt4EUdpJW9HBMF_ux12K1cJPR1uaJ8g==
x-amz-cf-pop: VIE50-P1
x-amz-meta-md5checksum: G4/yEHztaVAqtkzdRgfASA==
x-amz-meta-websdk-version: 1.51.3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: HkaZQxeMqEtAEG65DcbOoQSy7W6cxG__
x-cache: Hit from cloudfront

GET
H2 200 hydrate Show response
pci-connect.squareup.com/payments/ Frame 7088 1 KB
1 KB 453ms
436ms Fetch
application/json 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software&locationId=556ARDJ2ZDV4J&version=1.51.3

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.3/main-iframe.html?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7ee964f1119e32ba6a893b06e3e035a82472cf4b68c1055cc4f7bb64871b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Thu, 07 Sep 2023 17:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-7b64151f-4ad7-46b7-9df8-f09a57a01089
x-sq-region: iad2b
content-length: 611
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8e4efa23660-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 hydrate
pci-connect.squareup.com/payments/ Frame 0
0 525ms
396ms Preflight 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software&locationId=556ARDJ2ZDV4J&version=1.51.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 8030a8e2485935e8-FRA
content-length: 0
date: Thu, 07 Sep 2023 17:26:58 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
269 B 429ms
428ms Ping
text/plain 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rental.software/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 07 Sep 2023 17:26:58 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://rental.software
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8e74aa13660-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 data.js Show response
js.squareup.com/payments/ 80 KB
25 KB 465ms
427ms Script
application/javascript 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.squareup.com/payments/data.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175ceeecb7be6c0cfbee5871d395ab2664670731fb0880fa0da44dae0733da9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rental.software/
Origin: https://rental.software
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: aws
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-region: us-east-1
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8e7ed689b5d-FRA
access-control-allow-headers: Origin, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 single-card-element-iframe.html Show response
web.squarecdn.com/1.51.3/ Frame 1C23 8 KB
2 KB 19ms
19ms Document
text/html 2600:9000:2304:5800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.3/single-card-element-iframe.html
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer: https://rental.software/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 62043
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 07 Sep 2023 00:12:56 GMT
etag: W/"03e704396b83c27986cdb35eb350b127"
last-modified: Tue, 29 Aug 2023 21:28:34 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-amz-cf-id: _zY3xLqzADHoarFcJTX13sLYD1ZcVRlFh98164GfzDPUWfcwKxL0dA==
x-amz-cf-pop: VIE50-P1
x-amz-meta-md5checksum: A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version: 1.51.3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 2jWl5JRY1y0v5GU1JKzoFHCwoE0dEpb1
x-cache: Hit from cloudfront

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame 7088 0
62 B 150ms
150ms Ping
text/plain 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.3/main-iframe.html?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 07 Sep 2023 17:26:58 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8e7bb3a3660-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 card-wrapper.css
web.squarecdn.com/1.51.3/ 5 KB
2 KB 18ms
18ms Stylesheet
text/css 2600:9000:2304:5800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.3/card-wrapper.css
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: QI8QuTYg5_YgWc4pXWvM1AQ_R1R4Qch.
content-encoding: gzip
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
date: Wed, 06 Sep 2023 19:48:30 GMT
x-amz-cf-pop: VIE50-P1
age: 77908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.51.3
last-modified: Tue, 29 Aug 2023 21:28:34 GMT
server: AmazonS3
etag: W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-amz-meta-md5checksum: /I3t4KVd6uEyLV2AsOhIqQ==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: cMp6te0y2QjVDuWBlzVe6vICqN2pl2z0waxvPvI_WiIPqxYD2vDD7Q==

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619

Request headers

Referer
Origin: https://rental.software
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SquareSansText-Regular.woff2
square-fonts-production-f.squarecdn.com/square-text/ 32 KB
32 KB 53ms
6ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.3/card-wrapper.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83

Request headers

Referer: https://web.squarecdn.com/
Origin: https://rental.software
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: eXxmSKhEDvfGtW3vez6fcv7YHTlX3n4O
date: Thu, 07 Sep 2023 17:26:58 GMT
via: 1.1 varnish
x-amz-request-id: XY0VA38V3HY7SS59
age: 1944786
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 32724
x-amz-id-2: ijSnBKawQ3pZjkXb1AGI0LBI+u9gb2ilJ0LcTrtDB/pYt1rLnU8WbU7zfxFnUuZswjo8+5XjHs8=
x-served-by: cache-fra-eddf8230039-FRA
last-modified: Thu, 27 Apr 2023 18:45:33 GMT
server: AmazonS3
x-timer: S1694107619.600229,VS0,VE0
etag: "8bd78348f371229eadd661171386f3b8"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 116 KB
36 KB 138ms
68ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2D0OoHEBh9kiKXmNx9HLRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2D0OoHEBh9kiKXmNx9HLRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Sep 2023 17:26:58 GMT

POST
H2 200 token Show response
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 7088 255 B
378 B 426ms
426ms Fetch
application/json 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.3/main-iframe.html?applicationId=sq0idp-B0tURv5RtZGUOELfblR4kQ&hostname=rental.software

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adc5f88571f57efa135dce39fd45dbdbc8dce092037f808d2274c1104bc7d688

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-e3e61d0f-1006-4691-92a5-c09bb2efed2f
x-sq-region: iad2b
content-length: 240
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8e8ecf13660-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 0
0 128ms
128ms Preflight 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 8030a8e8182d35e8-FRA
content-length: 0
date: Thu, 07 Sep 2023 17:26:58 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 8078 18 KB
8 KB 224ms
224ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frental.software&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

702da386392c08524de52e9de1b77d7e6b15154dd87c4cfd20acc6ed7af3f8bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BzR66pL3c9UVa8XT9W3xAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rental.software/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-BzR66pL3c9UVa8XT9W3xAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Sep 2023 17:26:58 GMT
expires: Thu, 07 Sep 2023 17:26:58 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 8078 155 KB
56 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhDkWCKX8QcGe1kvYxJdsgPm7nUOQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frental.software&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb56a0b768518fade4db9e85d8d7fb8c9f495566d14577423ae6e26b819c6597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56158
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 23:48:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 19:50:42 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8078 2 KB
2 KB 120ms
120ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 frame.html Show response
connect.squareup.com/payments/data/ Frame E519 33 KB
13 KB 174ms
136ms Document
text/html 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52fdc2c0692c32ff212c00421fb02ce5f90e285cdb5bf07fec942704b56faf70

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rental.software/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8030a8eae8b35c3e-FRA
content-encoding: gzip
content-security-policy: default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
content-type: text/html
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-sq-dc: aws
x-sq-region: us-east-1
x-xss-protection: 1; mode=block

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQ... Frame 8078 72 KB
26 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQEz22rcMw.L.B1.O/am=AGAM/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriDUiVO3BBXuI0dxspgXaTb3hOmFQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/am=AGAM/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhDkWCKX8QcGe1kvYxJdsgPm7nUOQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc7b302d171f04e94d7b0880fca11d026d41b4945fb049679465f6763539b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26882
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 23:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 19:50:42 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 8078 1 MB
368 KB 78ms
78ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

865f926e49ddc55123181e5bb4262e7b42c885d9b85274bfc668adfb2ad71caf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pTMTxmZOyw15t2Z9zz9xpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pTMTxmZOyw15t2Z9zz9xpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Sep 2023 17:26:59 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQ... Frame 8078 9 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQEz22rcMw.L.B1.O/am=AGAM/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriDUiVO3BBXuI0dxspgXaTb3hOmFQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

931f11a34df8382c8f6a9c2f940ebb51b7a08f7e6decf6783b865825af5dc4a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 23:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 19:50:42 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQ... Frame 8078 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3f7_BGrWanw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ZmQEz22rcMw.L.B1.O/am=AGAM/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriDUiVO3BBXuI0dxspgXaTb3hOmFQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

095751e83a78e44f15ad3350e4b10a375364ca87704cd2819984ce119e7b9841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 23:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 19:50:42 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
41ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 58ms
44ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 55ms
44ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
46ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 59ms
44ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
41ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:500

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 16:09:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 17:26:59 GMT

GET
H3 200 generate_gpay_btn_img Show response
pay.google.com/gp/p/ Frame FB5B 18 KB
7 KB 85ms
84ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bae792bfa50d360a14a7bbb30ca493511e50ee245dd466c3e64f8ff1773dfa3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I3cLJo6SA56J2Ap-F2866g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rental.software/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-I3cLJo6SA56J2Ap-F2866g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 149 B
173 B 8ms
8ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 06:46:49 GMT
x-content-type-options: nosniff
age: 556810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 31 Aug 2024 06:46:49 GMT

GET
H3 200 dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 2 KB
896 B 8ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark_gpay.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rental.software/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 18:23:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 871
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Sep 2024 18:23:49 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 44ms
44ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 42ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
40ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 42ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 42ms
42ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 43ms
42ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8078 131 B
155 B 44ms
43ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 17:26:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
39ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Sep 2023 17:26:59 GMT
expires: Thu, 07 Sep 2023 17:26:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame E519 0
0 345ms
118ms Other
application/json 2600:1f18:24e6:b900:89cf:96fc:735a:f929
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:89cf:96fc:735a:f929 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.squareup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ 22 KB
22 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rental.software
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 19:24:51 GMT
x-content-type-options: nosniff
age: 511328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22308
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 19:24:51 GMT

POST
H2 200 token Show response
connect.squareup.com/v2/analytics/ Frame E519 112 B
523 B 142ms
141ms XHR
application/json 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/v2/analytics/token

Requested by

Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c720f97fd7b08a1e5d35cd60729ab3cc130117dbb46ceb28b393b91cea33d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Frental.software%2Fquotes%2Fcontractme.php%3Fname%3DFun%2BServices%2Bof%2BKC%2BLLC%26qid%3D19002773%26cid%3D4976915
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: aws
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-2653d97a-ffd8-4553-90f4-a80a0bdccdf7
x-sq-region: us-east-1
content-length: 128
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://connect.squareup.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8ec29ef5c3e-FRA
access-control-allow-headers: Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/am=AGAY/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/... Frame FB5B 158 KB
56 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/am=AGAY/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgkH984JIi-Y5QR-89Y7Di3x1OJ4w/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f931d1603cae7e58f1dad1e23bb727f7f490558e50ae3face988edfb20b288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 23:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57106
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 23:48:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 23:37:41 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/ Frame FB5B 2 KB
2 KB 121ms
121ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Requested by: Host: rental.software
URL: https://rental.software/quotes/contractme.php?name=Fun+Services+of+KC+LLC&qid=19002773&cid=4976915
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1609
content-type: text/html; charset=UTF-8

GET
H3 200 en.svg
www.gstatic.com/instantbuy/svg/dark/ Frame FB5B 4 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/instantbuy/svg/dark/en.svg

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static&enableGpayNewButtonAsset=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 20:45:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1779
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 20:45:32 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.G... Frame FB5B 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.GmstBhJGXIs.L.B1.O/am=AGAY/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrjlWci_nghwURc3EaESZilQmKi94w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/am=AGAY/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgkH984JIi-Y5QR-89Y7Di3x1OJ4w/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e706291ff3d4f3e14a6c4d35346fa7bc0af84412b84af8a455787b8091cda9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 23:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6662
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 23:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 23:37:52 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.G... Frame FB5B 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.AjHyVNTjD1Q.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.GmstBhJGXIs.L.B1.O/am=AGAY/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrjlWci_nghwURc3EaESZilQmKi94w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799a4146cde4817eb7aa2888699b8cabc74d6b0313b763e701a328481fe369d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 23:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13580
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 23:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 23:37:52 GMT

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
44 B 153ms
153ms Ping
text/plain 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rental.software/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 07 Sep 2023 17:26:59 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://rental.software
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8030a8ed8afb3660-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rental.software/quotes	1970-01-20 14:35:07	Name: quoteid Value: 19002773
rental.software/quotes	1970-01-20 14:35:07	Name: contactid Value: 4976915
rental.software/	1970-01-20 18:54:19	Name: _s Value: 2u8e49kj8sprb4hi4k1g054q4j
rental.software/	1970-01-21 00:11:07	Name: cids Value: null
.rental.software/	1970-01-20 16:44:43	Name: _gcl_au Value: 1.1.1334684268.1694107617
.paypal.com/	1970-01-21 00:11:07	Name: ts Value: vreXpYrS%3D1788802017%26vteXpYrS%3D1694109417%26vr%3D70aec7fd18a0ad04b83d22c5fd7cdcb3%26vt%3D70aec7fd18a0ad04b83d22c5fd7cdcb2%26vtyp%3Dnew
.paypal.com/	1970-01-21 00:11:07	Name: ts_c Value: vr%3D70aec7fd18a0ad04b83d22c5fd7cdcb3%26vt%3D70aec7fd18a0ad04b83d22c5fd7cdcb2
.doubleclick.net/	1970-01-20 14:35:08	Name: test_cookie Value: CheckForPermission
.squareup.com/	1970-01-21 00:11:07	Name: _savt Value: 5318db59-477e-405d-ac48-8c543d53f2b3
.google.com/	1970-01-20 18:58:38	Name: NID Value: 511=AWFQNXUf6tCvLRI4t4TcmBBaooUOUMgtdWWl7qbvPnOm-z_TfjcMXVpKPRJXGf4zkfpkcGI2rmGilmJrVZNhyL6dVqRkV0a2EEvOk_bmzVrTrGjjD2QA0hSrA1MMP3RmqnVsQDfdkiyrnVYfNDV65OII7i9S0i4IUhbtyGdIJyQ
.pci-connect.squareup.com/	1970-01-20 14:35:09	Name: __cf_bm Value: PW_x_cnAvQZ3.uB2qu0FgSIsXgZ0LyFBGKvl13hqeEA-1694107618-0-AZi42TJruPAjd0aEejMHnyauQO7RhPbm1wDu2XjWulIIkIRrKiz52Nryrv/NZaWrsYn+FqaGGHLOs4FrfZ7aVfc=
.connect.squareup.com/	1970-01-20 14:35:09	Name: __cf_bm Value: 4LZVb6wq4x2Qyj8VZjqCtL0sIML7Gkt6kN2bAsQd1_Y-1694107619-0-Af9G3p3SsU9VgW7QgrcNFbGf4xvo/rcG1mZvipJ9vgPL6c4L39hb1I3pPhQHlt8/cus0FDbixBgzS5SWn6Zva04=

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.squareup.com
csp-report.browser-intake-datadoghq.com
evto.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.squareup.com
pay.google.com
pci-connect.squareup.com
play.google.com
rental.software
square-fonts-production-f.squarecdn.com
web.squarecdn.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
151.101.193.49
162.159.140.47
162.255.119.27
172.66.0.47
192.229.221.25
208.64.38.12
2600:1f18:24e6:b900:89cf:96fc:735a:f929
2600:9000:2304:5800:13:4005:e4c0:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:400c:c0b::5c
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
095751e83a78e44f15ad3350e4b10a375364ca87704cd2819984ce119e7b9841
0ac4e47eefad0ab623c198adbe1cd40ac0b55e2dcd6a4ae4ba08d89eb28590db
154247daed9c9da71ed6049b56978496f2b167c33b684d3c35b145b517c70584
175ceeecb7be6c0cfbee5871d395ab2664670731fb0880fa0da44dae0733da9c
1c69e0db4d8dfe4e460be9a6f28d110e37fa40a0375c4cc651aa6830776480ec
1c7ee964f1119e32ba6a893b06e3e035a82472cf4b68c1055cc4f7bb64871b61
21171d80298487cf69d98cc8b9e10c8220ed2a5807325530f1485f9e8688b361
26c59ca94a7be2ace8a7d1ea262edfa808654e415c438f53e35b7e1ff7101552
27f931d1603cae7e58f1dad1e23bb727f7f490558e50ae3face988edfb20b288
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32cbd7dd648916824758036a1449d2efc26e87166285fa4e361e9375ceaa5631
33c720f97fd7b08a1e5d35cd60729ab3cc130117dbb46ceb28b393b91cea33d7
35968f5416ce5e852ae511654197ebfec875629639f53aa38020f81b39808f0a
36c92860cf6206c4610d356c8394c8602a5e8e69541aaef3444c3666011625ae
3bc7b302d171f04e94d7b0880fca11d026d41b4945fb049679465f6763539b76
4b58709f64f5839d83575cead577432b55d98e4e154de6c3019db6cf14cc39ac
4bae792bfa50d360a14a7bbb30ca493511e50ee245dd466c3e64f8ff1773dfa3
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52fdc2c0692c32ff212c00421fb02ce5f90e285cdb5bf07fec942704b56faf70
65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff
667f0f3554ac0b115a204725aab45bfd377f5eff8e198ce5e89193d0d8640884
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d8c187ede5a9b7c9e547da843dba13d467b38c3853236a3293d567e2d34ff8
6e4cf37ad9c21c11ff9bee05b5a5f645e5afc10d9993fb5260af90bdb9022a05
702da386392c08524de52e9de1b77d7e6b15154dd87c4cfd20acc6ed7af3f8bc
80d80479da92aa330b31955876bfd7bd2648b41bfcd8575167d76748c8c5ac56
865f926e49ddc55123181e5bb4262e7b42c885d9b85274bfc668adfb2ad71caf
8ba9eb94c1cdc60e9d338263c27894a364cb933d5fc001eae9087f89a9b0cff8
91678033771a7e2b3b58accc30c65f5681af87a1dfa83e5545e96fb9f91dbc90
931f11a34df8382c8f6a9c2f940ebb51b7a08f7e6decf6783b865825af5dc4a0
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
a7b347c362971a06d06fbd519c5d89f783868c8e3b7c03f0436689a3bd610a87
adc5f88571f57efa135dce39fd45dbdbc8dce092037f808d2274c1104bc7d688
af1dc0c71ef47cd00a0b26833d2b886a966acac928f2e5cb81ef24cac3118a2b
b18a371b339820a2dc124af537fca1a12f5b78ea8b4eac1a87b4934b2e345f72
b5d70228c032ce95b4e4b0df11baa8bec878b55256615b7ec90013d6fdd8a692
b8a803ffb4fef3ac3d5bcc99239abb1d3e1f4e2858f54c2fe135c88648f45656
bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847
c33eb82bc015d7d28df6ed6e7791878c4840fecc1d966a81582decfac19cee36
c799a4146cde4817eb7aa2888699b8cabc74d6b0313b763e701a328481fe369d
cb56a0b768518fade4db9e85d8d7fb8c9f495566d14577423ae6e26b819c6597
ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83
ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f
ced9a9520d5668221ed51af983965dac09a5a3dddef4c96874f632ba283a4f19
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d776c9e607d62aff366482ae83f0958e41f06c6bb64dd2474046baede706276f
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e
d86bb67c4cde335866322eb72f0b86c0f1063f6ea643bdde3de6e848af8201b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e706291ff3d4f3e14a6c4d35346fa7bc0af84412b84af8a455787b8091cda9e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3507f9d680a47771c22410c579434f6d977db6e2665d592a0e98e6c2bf23efa
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f4f0074d223c15e8aa9c82eced9c31c74e3181a3ac97fddfbaa580781e1162fb
f589cb275b6104170462d9de7433a09d1484fbe1c8ad1894695938213d6e7db5
f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619
fe034a3dbb492f6b4e808e026920a06cf67798464a0bab239e4a211b6e8df650

rental.software Open in urlscan Pro 208.64.38.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

98 %HTTPS

65 %IPv6

13 Domains

19 Subdomains

17 IPs

4 Countries

1490 kBTransfer

3821 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rental.software Open in urlscan Pro
208.64.38.12 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

98 %
HTTPS

65 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

1490 kB
Transfer

3821 kB
Size

12
Cookies

80 HTTP transactions
2 data transactions